feat: replace Nginx/Certbot teardown with Caddy teardown in phase8_teardown.sh
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
S
@@ -4,10 +4,9 @@ set -euo pipefail
|
||||
# =============================================================================
|
||||
# phase8_teardown.sh — Reverse the cutover: remove HTTPS, restore GitHub repos
|
||||
# Steps:
|
||||
# 1. Remove Nginx gitea.conf + reload
|
||||
# 2. Remove cert renewal cron
|
||||
# 3. Optionally remove SSL certificates
|
||||
# 4. Restore GitHub repo settings from the saved Phase 8 state snapshot
|
||||
# 1. Stop + remove Caddy container and compose file
|
||||
# 2. Optionally remove Caddy data (certs, config)
|
||||
# 3. Restore GitHub repo settings from the saved Phase 8 state snapshot
|
||||
# =============================================================================
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
||||
@@ -15,8 +14,8 @@ source "${SCRIPT_DIR}/lib/common.sh"
|
||||
|
||||
load_env
|
||||
require_vars UNRAID_IP UNRAID_SSH_USER \
|
||||
GITEA_DOMAIN NGINX_CONTAINER_NAME NGINX_CONF_PATH \
|
||||
SSL_MODE GITHUB_USERNAME GITHUB_TOKEN \
|
||||
GITEA_DOMAIN CADDY_DATA_PATH \
|
||||
GITHUB_USERNAME GITHUB_TOKEN \
|
||||
REPO_NAMES
|
||||
|
||||
log_warn "=== Phase 8 Teardown: Cutover ==="
|
||||
@@ -33,50 +32,46 @@ github_pages_http_code() {
|
||||
}
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 1: Remove Nginx config and reload
|
||||
# Step 1: Stop + remove Caddy container
|
||||
# ---------------------------------------------------------------------------
|
||||
if ssh_exec UNRAID "test -f '${NGINX_CONF_PATH}/gitea.conf'" 2>/dev/null; then
|
||||
printf 'Remove Nginx config for %s? [y/N] ' "$GITEA_DOMAIN"
|
||||
CONTAINER_STATUS=$(ssh_exec UNRAID "docker ps --filter name=caddy --format '{{.Status}}'" 2>/dev/null || true)
|
||||
if [[ "$CONTAINER_STATUS" == *"Up"* ]]; then
|
||||
printf 'Stop and remove Caddy container? [y/N] '
|
||||
read -r confirm
|
||||
if [[ "$confirm" =~ ^[Yy]$ ]]; then
|
||||
ssh_exec UNRAID "rm -f '${NGINX_CONF_PATH}/gitea.conf'"
|
||||
ssh_exec UNRAID "docker exec ${NGINX_CONTAINER_NAME} nginx -s reload" || true
|
||||
log_success "Nginx config removed and reloaded"
|
||||
ssh_exec UNRAID "cd '${CADDY_DATA_PATH}' && docker compose down 2>/dev/null || docker-compose down"
|
||||
log_success "Caddy container stopped and removed"
|
||||
else
|
||||
log_info "Nginx config preserved"
|
||||
log_info "Caddy container preserved"
|
||||
fi
|
||||
else
|
||||
log_info "Nginx config already removed"
|
||||
log_info "Caddy container not running"
|
||||
fi
|
||||
|
||||
# Remove Caddy compose + Caddyfile
|
||||
if ssh_exec UNRAID "test -f '${CADDY_DATA_PATH}/docker-compose.yml'" 2>/dev/null; then
|
||||
ssh_exec UNRAID "rm -f '${CADDY_DATA_PATH}/docker-compose.yml' '${CADDY_DATA_PATH}/Caddyfile'"
|
||||
log_success "Removed Caddy config files"
|
||||
else
|
||||
log_info "Caddy config files already removed"
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 2: Remove cert renewal cron
|
||||
# Step 2: Optionally remove Caddy data (certs, config)
|
||||
# ---------------------------------------------------------------------------
|
||||
if ssh_exec UNRAID "crontab -l 2>/dev/null | grep -q certbot" 2>/dev/null; then
|
||||
ssh_exec UNRAID "crontab -l 2>/dev/null | grep -v certbot | crontab -"
|
||||
log_success "Certbot renewal cron removed"
|
||||
else
|
||||
log_info "No certbot cron found"
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 3: Optionally remove SSL certificates (letsencrypt only)
|
||||
# ---------------------------------------------------------------------------
|
||||
if [[ "$SSL_MODE" == "letsencrypt" ]]; then
|
||||
if ssh_exec UNRAID "test -d '/etc/letsencrypt/live/${GITEA_DOMAIN}'" 2>/dev/null; then
|
||||
printf 'Remove SSL certificates for %s? [y/N] ' "$GITEA_DOMAIN"
|
||||
if ssh_exec UNRAID "test -d '${CADDY_DATA_PATH}/data'" 2>/dev/null; then
|
||||
printf 'Remove Caddy TLS data (certificates) for %s? [y/N] ' "$GITEA_DOMAIN"
|
||||
read -r confirm
|
||||
if [[ "$confirm" =~ ^[Yy]$ ]]; then
|
||||
ssh_exec UNRAID "rm -rf '/etc/letsencrypt/live/${GITEA_DOMAIN}' '/etc/letsencrypt/archive/${GITEA_DOMAIN}' '/etc/letsencrypt/renewal/${GITEA_DOMAIN}.conf'"
|
||||
log_success "SSL certificates removed"
|
||||
ssh_exec UNRAID "rm -rf '${CADDY_DATA_PATH}/data' '${CADDY_DATA_PATH}/config'"
|
||||
log_success "Caddy TLS data removed"
|
||||
else
|
||||
log_info "SSL certificates preserved"
|
||||
fi
|
||||
log_info "Caddy TLS data preserved"
|
||||
fi
|
||||
fi
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Step 4: Restore GitHub repos
|
||||
# Step 3: Restore GitHub repos
|
||||
# Primary path: restore from state snapshot written by phase8_cutover.sh.
|
||||
# Fallback path: if snapshot is missing, restore description from "— was: ..."
|
||||
# and use legacy defaults for homepage/wiki/projects.
|
||||
|
||||
Reference in New Issue
Block a user